WebTorrent: intercept only top-level frame requests for .torrent files #3035
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- `renderFileLink` is never called when `torrent` is null - Remove duplicate props deconstruction
When the user clicks on a file in the torrent file list, a new tab opens which points to the .torrent file, but with a file fragment appended. For example, the torrent https://webtorrent.io/torrents/big-buck-bunny.torrent would have a link to https://webtorrent.io/torrents/big-buck-bunny.torrent#ix=1 for the 2nd file in the torrent. Without this PR, this request passes the `IsWebtorrentInitiated(ctx)` condition and is therefore allowed to reach the network. Instead, we should confirm that the request is not for an individual file before letting it go to the network. That's what this commit does. Fixes: brave/brave-browser#3966
If a web page embeds the WebTorrent client-side JS library and attempts to load a .torrent file using an XHR request or fetch, Brave will intercept the .torrent file load and replace it with the chrome-extension HTML, breaking the site. This is true not just for the WebTorrent JS library but for any request to fetch a .torrent file. Fixes: brave/brave-browser#5361 Fixes: brave/brave-browser#3164 Fixes: brave/brave-browser#1436
feross
force-pushed
the
webtorrent-intercept
branch
from
9240cd6
to
03868fe
Compare
This was referenced Jul 26, 2019
yrliou
approved these changes
Jul 27, 2019
components/brave_webtorrent/browser/net/brave_torrent_redirect_network_delegate_helper.cc
Show resolved
Hide resolved
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
If a web page embeds the WebTorrent client-side JS library and attempts to load a .torrent file using an XHR request or fetch, Brave will intercept the .torrent file load and replace it with the chrome-extension HTML, breaking the site. This is true not just for the WebTorrent JS library but for any request to fetch a .torrent file.
Fixes: brave/brave-browser#5361
Fixes: brave/brave-browser#3164
Fixes: brave/brave-browser#1436
(Rebased on top of this unmerged PR (#2990) to avoid merge conflicts later. So no need to review anything but the last commit)
Submitter Checklist:
npm run lint)git rebase master(if needed).git rebase -ito squash commits (if needed).Test Plan:
There are three test plans, see these issues:
Save Link Asbrave-browser#1436Reviewer Checklist:
After-merge Checklist:
changes has landed on.